-rw-r--r--MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c15
-rw-r--r--MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h5
2 files changed, 19 insertions, 1 deletions
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
index 2ff04ff..8e29213 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -692,6 +692,7 @@ HttpUrlGetPort (
{
CHAR8 *PortString;
EFI_STATUS Status;
+ UINTN Index;
UINTN Data;
UINT32 ResultLength;
HTTP_URL_PARSER *Parser;
@@ -700,6 +701,9 @@ HttpUrlGetPort (
return EFI_INVALID_PARAMETER;
}
+ *Port = 0;
+ Index = 0;
+
Parser = (HTTP_URL_PARSER*) UrlParser;
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PORT)) == 0) {
@@ -723,8 +727,19 @@ HttpUrlGetPort (
PortString[ResultLength] = '\0';
+ while (Index < ResultLength) {
+ if (!NET_IS_DIGIT (PortString[Index])) {
+ return EFI_INVALID_PARAMETER;
+ }
+ Index ++;
+ }
+
Status = AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset, (CHAR8 **) NULL, &Data);
+ if (Data > HTTP_URI_PORT_MAX_NUM || Data < HTTP_URI_PORT_MIN_NUM) {
+ return EFI_INVALID_PARAMETER;
+ }
+
*Port = (UINT16) Data;
return Status;
}
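Review bot: The digit check in the new `while` loop runs over the percent-decoded `PortString`, but the conversion on the following line still parses `Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset`, so the bytes that were validated are not the bytes that get converted; a percent-encoded port would pass the check and then be parsed from its raw form. Converting the validated buffer closes that gap: `Status = AsciiStrDecimalToUintnS (PortString, (CHAR8 **) NULL, &Data);`. The range test also reads `Data` before `Status` is examined, so a failed conversion is judged on whatever `Data` holds; `if (EFI_ERROR (Status) || Data > HTTP_URI_PORT_MAX_NUM)` would be safer, and the `Data < HTTP_URI_PORT_MIN_NUM` half can never be true for an unsigned `UINTN` with a minimum of 0. The function body starts outside the hunk; if `PortString` is a pool allocation made there, the two new early returns would need to free it, which is worth confirming.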
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h
index 0d0ad3d..5ee0fdc 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h
@@ -1,7 +1,7 @@
/** @file
Header file for HttpLib.
- Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
@@ -50,6 +50,9 @@ Header file for HttpLib.
#define HTTP_URI_FIELD_PORT 7
#define HTTP_URI_FIELD_MAX 8
+#define HTTP_URI_PORT_MIN_NUM 0
+#define HTTP_URI_PORT_MAX_NUM 65535
+
//
// Structure to store the parse result of a HTTP URL.
//